Updated: 22 December 2004
A British teenager has been convicted for distributing the
Randex computer
worm, designed to turn innocent infected computers into compromised
"zombies" under the control of remote hackers.
According to media reports, the 16-year-old youth has had his six
month sentence suspended on probation by the South Cheshire
juvenile court in Crewe, UK. These early media reports suggested
that the gang had sold access to the zombie computer network to
spammers - however, a news story written by John Leyden, a journalist
with The Register, has quoted computer crime sources saying there
was no evidence found of this, and that the real motivation was to
accrue points in an online role-playing-game called Outwar.
The international investigation - which brought together New
Scotland Yard, the USA's FBI, the Technology Crime Unit of the
Royal Canadian Mounted Police, and Microsoft - explored claims that
the gang infected PCs and controlled them via Internet Relay Chat
(IRC).
Two American and one Canadian are also said to have been
involved in the gang - with the 16-year-old Canadian suspect having
been arrested
in May 2004 and subsequently sentenced to nine months probation.
All members of the gang are believed to be too young to serve
prison sentences.
"Virus writers are increasingly writing malware to break into
vulnerable computers, giving them access to sensitive information
and resources. Without the user realising their computer can be
spewing out thousands of nuisance emails in a spam campaign, or
launching a distributed denial-of-service attack against an
innocent website," said Graham Cluley, senior
technology consultant for Sophos. "The youthful members of this
gang would most likely have been treated much more severely if they
were a few years older. It's important that everyone, regardless of
their age, learns that the authorities are not going to turn a
blind eye to computer crime."
Computers infected by the Randex worm were also reportedly used
to launch distributed denial-of-service attacks against a series of
websites.
Sophos recommends that companies ensure their systems are
protected with the latest anti-virus updates. Sophos's anti-virus solutions can be automatically updated,
ensuring the latest virus protection is in place against the latest
threats even when your office is unmanned.
More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing security and data protection solutions that are simple to manage, deploy and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, and network access control solutions backed by SophosLabs - a global network of threat intelligence centers. With more than two decades of experience, Sophos is regarded as a leader in security and data protection by top analyst firms and has received many industry awards.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.